# Copyright (c) 2019 Red Hat, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. [driver.amphora] title=Amphora Provider link=https://docs.openstack.org/api-ref/load-balancer/v2/index.html [driver.ovn] title=OVN Provider link=https://docs.openstack.org/networking-ovn/latest/admin/loadbalancer.html # Note: These should be in the order they appear in a create call. [operation.admin_state_up] title=admin_state_up status=mandatory notes=Enables and disables the listener. cli=openstack loadbalancer listener create [--enable | --disable] driver.amphora=complete driver.ovn=complete [operation.allowed_cidr] title=allowed_cidr status=optional notes=CIDR to allow access to the listener (can be set multiple times). cli=openstack loadbalancer listener create [--allowed-cidr ] driver.amphora=complete driver.ovn=missing [operation.client_authentication] title=client_authentication status=optional notes=The TLS client authentication mode. cli=openstack loadbalancer listener create [--client-authentication {NONE,OPTIONAL,MANDATORY}] driver.amphora=complete driver.ovn=missing [operation.client_ca_tls_container_ref] title=client_ca_tls_container_ref status=optional notes=The ref of the key manager service secret containing a PEM format client CA certificate bundle for TERMINATED_TLS listeners. cli=openstack loadbalancer listener create [--client-ca-tls-container-ref ] driver.amphora=complete driver.ovn=missing [operation.client_crl_container_ref] title=client_crl_container_ref status=optional notes=The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_TLS listeners. cli=openstack loadbalancer listener create [--client-crl-container-ref ] driver.amphora=complete driver.ovn=missing [operation.connection_limit] title=connection_limit status=optional notes=The maximum number of connections permitted for this listener. cli=openstack loadbalancer listener create [--connection-limit ] driver.amphora=complete driver.ovn=missing [operation.default_tls_container_ref] title=default_tls_container_ref status=optional notes=The URI of the key manager service secret containing a PKCS12 format certificate/key bundle for TERMINATED_TLS listeners. cli=openstack loadbalancer listener create [--default-tls-container-ref ] driver.amphora=complete driver.ovn=missing [operation.description] title=description status=optional notes=The description of the listener. Provided by the Octavia API service. cli=openstack loadbalancer listener create [--description ] driver.amphora=complete driver.ovn=complete [operation.insert_headers.X-Forwarded-For] title=insert_headers - X-Forwarded-For status=optional notes=When “true” a X-Forwarded-For header is inserted into the request to the backend member that specifies the client IP address. cli=openstack loadbalancer listener create [--insert-headers X-Forwarded-For=true] driver.amphora=complete driver.ovn=missing [operation.insert_headers.X-Forwarded-Port] title=insert_headers - X-Forwarded-Port status=optional notes=When “true” a X-Forwarded-Port header is inserted into the request to the backend member that specifies the listener port. cli=openstack loadbalancer listener create [--insert-headers X-Forwarded-Port=true] driver.amphora=complete driver.ovn=missing [operation.insert_headers.X-Forwarded-Proto] title=insert_headers - X-Forwarded-Proto status=optional notes=When “true” a X-Forwarded-Proto header is inserted into the request to the backend member. cli=openstack loadbalancer listener create [--insert-headers X-Forwarded-Proto=true] driver.amphora=complete driver.ovn=missing [operation.insert_headers.X-SSL-Client-Verify] title=insert_headers - X-SSL-Client-Verify status=optional notes=When “true” a X-SSL-Client-Verify header is inserted into the request to the backend member that contains 0 if the client authentication was successful, or an result error number greater than 0 that align to the openssl veryify error codes. cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-Verify=true] driver.amphora=complete driver.ovn=missing [operation.insert_headers.X-SSL-Client-Has-Cert] title=insert_headers - X-SSL-Client-Has-Cert status=optional notes=When “true” a X-SSL-Client-Has-Cert header is inserted into the request to the backend member that is ‘’true’’ if a client authentication certificate was presented, and ‘’false’’ if not. Does not indicate validity. cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-Has-Cert=true] driver.amphora=complete driver.ovn=missing [operation.insert_headers.X-SSL-Client-DN] title=insert_headers - X-SSL-Client-DN status=optional notes=When “true” a X-SSL-Client-DN header is inserted into the request to the backend member that contains the full Distinguished Name of the certificate presented by the client. cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-DN=true] driver.amphora=complete driver.ovn=missing [operation.insert_headers.X-SSL-Client-CN] title=insert_headers - X-SSL-Client-CN status=optional notes=When “true” a X-SSL-Client-CN header is inserted into the request to the backend member that contains the Common Name from the full Distinguished Name of the certificate presented by the client. cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-CN=true] driver.amphora=complete driver.ovn=missing [operation.insert_headers.X-SSL-Issuer] title=insert_headers - X-SSL-Issuer status=optional notes=When “true” a X-SSL-Issuer header is inserted into the request to the backend member that contains the full Distinguished Name of the client certificate issuer. cli=openstack loadbalancer listener create [--insert-headers X-SSL-Issuer=true] driver.amphora=complete driver.ovn=missing [operation.insert_headers.X-SSL-Client-SHA1] title=insert_headers - X-SSL-Client-SHA1 status=optional notes=When “true” a X-SSL-Client-SHA1 header is inserted into the request to the backend member that contains the SHA-1 fingerprint of the certificate presented by the client in hex string format. cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-SHA1=true] driver.amphora=complete driver.ovn=missing [operation.insert_headers.X-SSL-Client-Not-Before] title=insert_headers - X-SSL-Client-Not-Before status=optional notes=When “true” a X-SSL-Client-Not-Before header is inserted into the request to the backend member that contains the start date presented by the client as a formatted string YYMMDDhhmmss[Z]. cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-Not-Before=true] driver.amphora=complete driver.ovn=missing [operation.insert_headers.X-SSL-Client-Not-After] title=insert_headers - X-SSL-Client-Not-After status=optional notes=When “true” a X-SSL-Client-Not-After header is inserted into the request to the backend member that contains the end date presented by the client as a formatted string YYMMDDhhmmss[Z]. cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-Not-Aftr=true] driver.amphora=complete driver.ovn=missing [operation.name] title=name status=optional notes=The name of the load balancer listener. Provided by the Octavia API service. cli=openstack loadbalancer listener create [--name ] driver.amphora=complete driver.ovn=complete [operation.protocol.HTTP] title=protocol - HTTP status=optional notes=HTTP protocol support for the listener. cli=openstack loadbalancer listener create --protocol HTTP driver.amphora=complete driver.ovn=missing [operation.protocol.HTTPS] title=protocol - HTTPS status=optional notes=HTTPS protocol support for the listener. cli=openstack loadbalancer listener create --protocol HTTPS driver.amphora=complete driver.ovn=missing [operation.protocol.TCP] title=protocol - TCP status=optional notes=TCP protocol support for the listener. cli=openstack loadbalancer listener create --protocol TCP driver.amphora=complete driver.ovn=complete [operation.protocol.TERMINATED_HTTPS] title=protocol - TERMINATED_HTTPS status=optional notes=Terminated HTTPS protocol support for the listener. cli=openstack loadbalancer listener create --protocol TERMINATED_HTTPS driver.amphora=complete driver.ovn=missing [operation.protocol.UDP] title=protocol - UDP status=optional notes=UDP protocol support for the listener. cli=openstack loadbalancer listener create --protocol UDP driver.amphora=complete driver.ovn=complete [operation.protocol_port] title=protocol_port status=mandatory notes=The protocol port number for the listener. cli=openstack loadbalancer listener create --protocol-port driver.amphora=complete driver.ovn=complete [operation.sni_container_refs] title=sni_container_refs status=optional notes=A list of URIs to the key manager service secrets containing PKCS12 format certificate/key bundles for TERMINATED_TLS listeners. cli=openstack loadbalancer listener create [--sni-container-refs [ [ ...]]] driver.amphora=complete driver.ovn=missing [operation.stats] title=Listener statistics status=mandatory notes=The ability to show statistics for a listener. cli=openstack loadbalancer listener stats show driver.amphora=complete driver.ovn=missing [operation.tags] title=tags status=optional notes=The tags for the load balancer listener. Provided by the Octavia API service. cli=openstack loadbalancer listener create [--tags ] driver.amphora=complete driver.ovn=complete [operation.timeout_client_data] title=timeout_client_data status=optional notes=Frontend client inactivity timeout in milliseconds. cli=openstack loadbalancer listener create [--timeout-client-data ] driver.amphora=complete driver.ovn=missing [operation.timeout_member_connect] title=timeout_member_connect status=optional notes=Backend member connection timeout in milliseconds. cli=openstack loadbalancer listener create [--timeout-member-connect ] driver.amphora=complete driver.ovn=missing [operation.timeout-member-data] title=timeout-member-data status=optional notes=Backend member inactivity timeout in milliseconds. cli=openstack loadbalancer listener create [--timeout-member-data ] driver.amphora=complete driver.ovn=missing [operation.timeout-tcp-inspect] title=timeout-tcp-inspect status=optional notes=Time, in milliseconds, to wait for additional TCP packets for content inspection. cli=openstack loadbalancer listener create [--timeout-tcp-inspect ] driver.amphora=complete driver.ovn=missing